Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(4)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/net/ssl_config_service_manager_pref_unittest.cc

Issue 23523016: net: don't allow SSLv3 fallback for Google properties. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 7 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/net/ssl_config_service_manager_pref.cc ('k') | chrome/common/chrome_switches.cc » ('j') | net/http/transport_security_state_static.json » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/net/ssl_config_service_manager.h" 5 #include "chrome/browser/net/ssl_config_service_manager.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/memory/ref_counted.h" 8 #include "base/memory/ref_counted.h"
9 #include "base/message_loop/message_loop.h" 9 #include "base/message_loop/message_loop.h"
10 #include "base/prefs/pref_registry_simple.h" 10 #include "base/prefs/pref_registry_simple.h"
(...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after
154 ASSERT_EQ(2u, config.disabled_cipher_suites.size()); 154 ASSERT_EQ(2u, config.disabled_cipher_suites.size());
155 EXPECT_EQ(0x0004, config.disabled_cipher_suites[0]); 155 EXPECT_EQ(0x0004, config.disabled_cipher_suites[0]);
156 EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]); 156 EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]);
157 } 157 }
158 158
159 // Test that 159 // Test that
160 // * without command-line settings for minimum and maximum SSL versions, 160 // * without command-line settings for minimum and maximum SSL versions,
161 // SSL 3.0 ~ default_version_max() are enabled; 161 // SSL 3.0 ~ default_version_max() are enabled;
162 // * without --enable-unrestricted-ssl3-fallback, 162 // * without --enable-unrestricted-ssl3-fallback,
163 // |unrestricted_ssl3_fallback_enabled| is false. 163 // |unrestricted_ssl3_fallback_enabled| is false.
164 // TODO(thaidn): |unrestricted_ssl3_fallback_enabled| is true by default
165 // temporarily until we have fixed deployment issues.
166 TEST_F(SSLConfigServiceManagerPrefTest, NoCommandLinePrefs) { 164 TEST_F(SSLConfigServiceManagerPrefTest, NoCommandLinePrefs) {
167 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); 165 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore());
168 166
169 PrefServiceMockBuilder builder; 167 PrefServiceMockBuilder builder;
170 builder.WithUserPrefs(local_state_store.get()); 168 builder.WithUserPrefs(local_state_store.get());
171 scoped_refptr<PrefRegistrySimple> registry = new PrefRegistrySimple; 169 scoped_refptr<PrefRegistrySimple> registry = new PrefRegistrySimple;
172 scoped_ptr<PrefService> local_state(builder.Create(registry.get())); 170 scoped_ptr<PrefService> local_state(builder.Create(registry.get()));
173 171
174 SSLConfigServiceManager::RegisterPrefs(registry.get()); 172 SSLConfigServiceManager::RegisterPrefs(registry.get());
175 173
176 scoped_ptr<SSLConfigServiceManager> config_manager( 174 scoped_ptr<SSLConfigServiceManager> config_manager(
177 SSLConfigServiceManager::CreateDefaultManager(local_state.get())); 175 SSLConfigServiceManager::CreateDefaultManager(local_state.get()));
178 ASSERT_TRUE(config_manager.get()); 176 ASSERT_TRUE(config_manager.get());
179 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); 177 scoped_refptr<SSLConfigService> config_service(config_manager->Get());
180 ASSERT_TRUE(config_service.get()); 178 ASSERT_TRUE(config_service.get());
181 179
182 SSLConfig ssl_config; 180 SSLConfig ssl_config;
183 config_service->GetSSLConfig(&ssl_config); 181 config_service->GetSSLConfig(&ssl_config);
184 // The default value in the absence of command-line options is that 182 // The default value in the absence of command-line options is that
185 // SSL 3.0 ~ default_version_max() are enabled. 183 // SSL 3.0 ~ default_version_max() are enabled.
186 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_min); 184 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_min);
187 EXPECT_EQ(net::SSLConfigService::default_version_max(), 185 EXPECT_EQ(net::SSLConfigService::default_version_max(),
188 ssl_config.version_max); 186 ssl_config.version_max);
189 EXPECT_TRUE(ssl_config.unrestricted_ssl3_fallback_enabled); 187 EXPECT_FALSE(ssl_config.unrestricted_ssl3_fallback_enabled);
190 188
191 // The settings should not be added to the local_state. 189 // The settings should not be added to the local_state.
192 EXPECT_FALSE(local_state->HasPrefPath(prefs::kSSLVersionMin)); 190 EXPECT_FALSE(local_state->HasPrefPath(prefs::kSSLVersionMin));
193 EXPECT_FALSE(local_state->HasPrefPath(prefs::kSSLVersionMax)); 191 EXPECT_FALSE(local_state->HasPrefPath(prefs::kSSLVersionMax));
194 EXPECT_FALSE(local_state->HasPrefPath( 192 EXPECT_FALSE(local_state->HasPrefPath(
195 prefs::kEnableUnrestrictedSSL3Fallback)); 193 prefs::kEnableUnrestrictedSSL3Fallback));
196 194
197 // Explicitly double-check the settings are not in the preference store. 195 // Explicitly double-check the settings are not in the preference store.
198 std::string version_min_str; 196 std::string version_min_str;
199 std::string version_max_str; 197 std::string version_max_str;
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
255 std::string version_max_str; 253 std::string version_max_str;
256 EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMin, 254 EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMin,
257 &version_min_str)); 255 &version_min_str));
258 EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMax, 256 EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMax,
259 &version_max_str)); 257 &version_max_str));
260 bool unrestricted_ssl3_fallback_enabled; 258 bool unrestricted_ssl3_fallback_enabled;
261 EXPECT_FALSE(local_state_store->GetBoolean( 259 EXPECT_FALSE(local_state_store->GetBoolean(
262 prefs::kEnableUnrestrictedSSL3Fallback, 260 prefs::kEnableUnrestrictedSSL3Fallback,
263 &unrestricted_ssl3_fallback_enabled)); 261 &unrestricted_ssl3_fallback_enabled));
264 } 262 }
OLDNEW
« no previous file with comments | « chrome/browser/net/ssl_config_service_manager_pref.cc ('k') | chrome/common/chrome_switches.cc » ('j') | net/http/transport_security_state_static.json » ('J')

Powered by Google App Engine
This is Rietveld 408576698